Article | 06 September 2022

Private vs public IP: finding your use case

Written by
Tim Patrick, Pre-Sales & Product Manager The Netherlands

IP addressing – the dotted sets of numbers that define the virtual locations of every website, node, and IoT device on the network – goes back to the earliest days of the internet. To many, it seems complicated and technical, since all its flavours seem to do the same thing. But there are differences in the ways IP addresses are assigned and used: public and private, static and dynamic, and more.

One of the most important pairings is public and private – and using the wrong one for your use case can cost you big. So we thought we’d clarify the difference – with a look at the pros, cons, and use cases for private and public. Starting with what they actually mean.

Private IP via NAT: for when internet connectivity is all that's needed

In the good old days of internet networking (they weren’t actually that good, to be honest!), everything on the network had its own, publicly-routable IP address – a unique set of numbers known colloquially as a “dotted quad”. But a fairly short dotted quad has a fairly small set of unique numbers in it, known as the “address space” – and as the internet evolved and the number of devices exploded, it became necessary to make that limited address space go further. Much further.

IPv6 (up from the earlier IPv4) lengthened the numbers, thus expanding the address space. But IPv4 remained in common use, so another way to make the best use of IP addresses came into play: NAT, or Network Address Translation. NAT made “private” IP addresses possible: ones you couldn’t “see” on the internet and, since they weren’t public, ones that could be reused across many, many private networks.

NAT let private networks translate a single public IP address into multiple private ones, meaning that valuable public address space could be used efficiently. Much like many buildings can use the same set of extension numbers on their telephone network.

So you’ll see (or rather, you won’t see) private IPs in use across most of the internet, wireless and wired. Most use cases – web browsing, media streaming, using SaaS – don’t need anything more.

This is why Blue Wireless’ default recommendation is to use private dynamic IPs. CG-NAT (carrier-grade NAT) is widely used across public 4G/5G networks, by MNOs and ISPs alike. It’s conceptually simple (like your broadband connection at home) and doesn’t expose the IP address of your internal LAN to prying eyes, making it inherently more secure.

So, where to use a Private IP option

If your use case for wireless is to provide a reliable, secure, and straightforward connection to the internet, it’s likely Private IP is all you’ll need.

It turns out many of our customers never need anything more – and these aren’t just small businesses. Vast, remote construction sites. Building-wide office internet connections. Providers of public WiFi. These and more are well served by private IP services. In fact, many complex SD-WAN implementations also only require a dynamic private IP on the underlay.

So what’s left for Public IP?

Defining Public IP: keeping it all out there

A public IP, by contrast, is an IP address that can be “seen” by anyone on the internet. This is important for some use cases – all websites have a public static IP assigned to them, so your browser can locate them. So do important network resources like public DNS servers and centralised cloud platforms.

But they’re only really important for things you have to go to: namely, a specific resource (like a website) that exists at a specific place. Thanks to the magic of NAT, you don’t usually need a public IP to identify where things are coming from. (So if you’re visiting a website, it needs a public static IP to declare its existence to the web – but you don’t, because you can visit “from” anywhere.)

Also important to mention, Public IPs are a limited resource. Hence they cost more, which is why qualifying your use case correctly is so important.

So, what's left for Public IPs?

The overriding use case for using public IP is companies with a true Point-to-Point VPN, common in older network designs.

While some VPN types and setups can work with private IP addressing, not every network design can.

For example, some network architectures are designed for static IPv4 addressing at both ends of a VPN connection, “expecting” IPs that don’t change dynamically and are reachable directly. This means they won’t work with private dynamic IPs assigned behind CG-NAT. (In other words, parts of your network go kaboom!)

This is sometimes a reason customers don't consider wireless LTE/5G for their branches, but that's only a misconception. Even on your wireless network, you can have a public static IPv4 address range on any service, whatever LTE/5G network you’re connecting to. How?

It comes down to Blue Wireless’ network design and its own regional Points of Presence (PoPs) – each with its own range of static IPv4 addresses ready to be assigned to your service, independent of the local LTE/5G networks.

For the techies: Blue Wireless offers both /30 and /29 public address spaces, providing either one or five usable addresses for your devices.
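A check an engineer could run before choosing between the two options, covering both the CG-NAT constraint on static-peer VPNs and the /30 and /29 block sizes above. This is an added example, not Blue Wireless code: the function names are illustrative, the sample addresses are constructed (documentation ranges stand in for real public addresses), and it assumes one host address in each block is taken by the provider gateway.

```python
import ipaddress

# RFC 1918 private ranges and the RFC 6598 shared range reserved for CG-NAT.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
CGNAT = ipaddress.ip_network("100.64.0.0/10")


def classify_wan(addr):
    """Classify the IPv4 address a router reports on its WAN interface.
    Anything outside the ranges above is treated as public."""
    ip = ipaddress.IPv4Address(addr)
    if ip in CGNAT:
        return "cgnat-shared"
    if any(ip in net for net in RFC1918):
        return "private"
    return "public"


def reachable_as_static_peer(wan_addr, seen_by_remote):
    """True only if the WAN address is public AND equals the source address the
    remote VPN peer observes, i.e. nothing translates it on the way out."""
    same = ipaddress.IPv4Address(wan_addr) == ipaddress.IPv4Address(seen_by_remote)
    return classify_wan(wan_addr) == "public" and same


def device_addresses(block, gateways=1):
    """Host addresses left for customer devices in a routed public block.
    Assumption: the first `gateways` host addresses belong to the provider."""
    net = ipaddress.ip_network(block, strict=True)
    hosts = list(net.hosts())  # hosts() already drops network and broadcast
    return [str(h) for h in hosts[gateways:]]


if __name__ == "__main__":
    # Constructed samples: (WAN address on the router, address seen by the peer).
    for wan, seen in [("10.45.2.17", "198.51.100.7"),
                      ("100.72.13.5", "198.51.100.7"),
                      ("203.0.113.2", "203.0.113.2")]:
        print(wan, classify_wan(wan), reachable_as_static_peer(wan, seen))
    for block in ("203.0.113.0/30", "203.0.113.8/29"):
        print(block, device_addresses(block))
```

The second argument to `reachable_as_static_peer` is whatever source address the far end of the tunnel logs for your site; if it differs from the router's WAN address, a translation step sits in between and a design that expects a fixed, directly reachable peer will not come up.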

Another valid use case for public IPs includes scenarios with constant surveillance like packet monitoring, where all parts of the network need monitoring independently of any underlying provider.

The caveats: why you shouldn’t go public automatically

Since public IP gives you more options, you might think it’s worth taking “just in case”. That’s not true. In today’s world, most applications are designed to run with private IP. And there are other reasons to avoid going public if you can.

First, public IP costs more. (You’re bidding for a scarce resource, after all.) Then, because public IPs from Blue Wireless (and many other providers) break out from regional PoPs when using LTE/5G networks, using public IP can add latency to your connection – private IP over LTE/5G networks provides better performance in general.

Take-away: choose what's right for your real-world situation

In short, IP choices matter – because you matter. We may be a team of LTE/5G experts with our heads in the Cloud, but we’re very down-to-earth when it comes to customer needs. Plenty of organisations we work with still have older network designs, run multi-location VPNs, or deal with sensitive data needing third-party security oversight. Our network architecture works with all of them, with innovations like dual-SIM for redundancy, and IP addressing independent of the network provider for flexibility.

Whatever your use case, there’s a solution that fits.

So if you thought static IPs weren’t an option with wireless LTE/5G – think again. We already have.
